Cybernews

Disgruntled hacker drops second zero-day Windows Defender exploit just hours after Microsoft patches first one

A disgruntled researcher released a second zero-day Windows Defender exploit, dubbed RedSun, shortly after Microsoft patched ...
SecurityWeek

Splunk Enterprise Update Patches Code Execution Vulnerability

Splunk has released patches that resolve high- and medium-severity vulnerabilities in Splunk Enterprise and MCP Server.
CSO Online

RCE by design: MCP architectural choice haunts AI agent ecosystem

Unsafe defaults in MCP configurations open servers to possible remote code execution, according to security researchers who ...
The Hacker News

Newly Discovered PowMix Botnet Hits Czech Workers Using Randomized C2 Traffic

PowMix targets Czech workforce since Dec 2025 using jittered C2 and ZIP phishing, enabling stealthy remote access and ...

Hackers exploit Marimo flaw to deploy NKAbuse malware from Hugging Face

Hackers are exploiting a critical vulnerability in Marimo reactive Python notebook to deploy a new variant of NKAbuse malware ...